What it's like when the FBI asks you to backdoor your software.

At a recent RSA Security Conference, Nico Sell was on stage announcing that her company—Wickr—was making drastic changes to ensure its
users' security.

She said that the company would switch from RSA encryption to elliptic curve encryption, and that the service wouldn't have a backdoor for anyone.

As she left the stage, before she'd even had a chance to take her microphone off, a man approached her and introduced himself as an agent with the
Federal Bureau of Investigation. He then proceeded to "casually" ask if she'd be willing to install a backdoor into Wickr that would allow the FBI
to retrieve information.

The article goes on to talk about CALEA. The wiki entry says that, "In the years since CALEA was
passed it has been greatly expanded to include all VoIP and broadband internet traffic".

The issue here seems to be that CALEA ddint take into account encrypted software, which would be the reason why the FBI has to ask and cant
demand.

And I thought all this surveillance stuff started with Bush but it would seem that it was the warrant-less spying that took off under Bush.

From 2004 to 2007 there was a 62 percent growth in the number of wiretaps performed under CALEA — and more than 3,000 percent growth in
interception of internet data such as email.[1] By 2007, the FBI had spent $39 million on its DCSNet system, which collects, stores, indexes, and
analyzes communications data.

It was clear that the FBI agent didn't know who he was dealing with, because Sell did not back down. "Washington thought it was very
important to have freedom of information and private correspondence without government surveillance." Her lecture concluded, she proceeded to grill
the agent. "I asked if he had official paperwork for me, if this was an official request, who his boss was," said Sell. "He backed down very
quickly."

"Ten years ago, I'd have said yes," said Sell. "Because if law enforcement asks you to catch bad guys, who wouldn't want to help?"

"I'm not against helping law enforcement, but the most important thing to me is protecting my friends and family the best way I know how," said
Sell.

She suggested that the NSA and other agencies go back to a model where individuals are targeted, instead of monitoring all communications and sorting
it out later. "There are plenty of ways to track people without trampling human rights," she said.

I would assume that as a result of her "noncooperation", she and her colleagues have been added to a watch list?

Scam
Lets put it this way, its a stunt so you can trust this Wickr app, when actually its already implanted.
How about that twist ?

·military-grade encryption of text, picture, audio and video messages
·sender-based control over who can read messages, where and for how long
·best available privacy, anonymity and secure file shredding features
·security that is simple to use

How do they know its military grade if they dont deal with military ?
Best available privacy etc etc - so they KNOW you NEED it, most people dont
Simple to use - so simple, that you would use it at all time, revealing more each time

Imagine you sitting at the server, all gates open and only those WHO NEED it come through, easy target filtering.

I totally agree. SCAM
Why would the FBI show up at a conference, and approach her like that? The FBI would just make an appointment with her at her office.

It smells like a scam. I bet the NSA worked with the company while developing the encryption system. By staging the FBI encounter she can legally say
that the FBI was told "NO", and that they are not involved. While the truth could very well be that. (since the FBI and the NSA are two different
groups) This will allow people to believe that the system is safe, while all along the NSA would have an "IN" to the system.

NullVoid
Scam
Lets put it this way, its a stunt so you can trust this Wickr app, when actually its already implanted.
How about that twist ?

·military-grade encryption of text, picture, audio and video messages
·sender-based control over who can read messages, where and for how long
·best available privacy, anonymity and secure file shredding features
·security that is simple to use

How do they know its military grade if they dont deal with military ?
Best available privacy etc etc - so they KNOW you NEED it, most people dont
Simple to use - so simple, that you would use it at all time, revealing more each time

Imagine you sitting at the server, all gates open and only those WHO NEED it come through, easy target filtering.

I think this is a honeypot.

edit on 11-1-2014 by NullVoid because: (no reason given)

Because military grade is just a fancy sounding buzzword, the encryption the military uses is public technology.

I totally agree. SCAM
Why would the FBI show up at a conference, and approach her like that? The FBI would just make an appointment with her at her office.

It smells like a scam. I bet the NSA worked with the company while developing the encryption system. By staging the FBI encounter she can legally say
that the FBI was told "NO", and that they are not involved. While the truth could very well be that. (since the FBI and the NSA are two different
groups) This will allow people to believe that the system is safe, while all along the NSA would have an "IN" to the system.

It doesn't really matter if it's fake, there's ample evidence the NSA, FBI, and everyone else has been extremely interested in breaking all
commercial encryption, the only ones they can't get into with this method are the open source programs. They are doing this, assume this company is
compromised.

If you're going to use encryption (and you should), only trust open source.

This content community relies on user-generated content from our member contributors. The opinions of our members are not those of site ownership who maintains strict editorial agnosticism and simply provides a collaborative venue for free expression.